by Nicolas Deschatrettes
Written in Borland C++
Released in August 2007
Dropped files: c:\WINDOWS\Update\Notepad\icon.ico Size: 101,966 bytes c:\WINDOWS\Update\Notepad\install.cmd Size: 151 bytes c:\WINDOWS\Update\Notepad\NDtelnet.exe Size: 101,038 bytes Added to Registry: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NDTelnet "ImagePath" data: C:\Windows\Update\Notepad\NDTelnet.exe HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NDTelnet "ImagePath" data: C:\Windows\Update\Notepad\NDTelnet.exe tested on Windows XP September 09, 2007MegaSecurity